Serverless-application-model: AWS Lambda CloudTrail Events SAM Mapping

Created on 16 Aug 2018  Β·  3Comments  Β·  Source: aws/serverless-application-model

Could you please provide information/link how can I create next via AWS SAM:

  1. Go to services β†’ CloudWatch β†’ Rules β†’ click on Create rule .

    1. Event Source β†’ choose Event Pattern β†’ select CloudWatch Logs in Service Name , AWS API Call via CloudTrail in Event Type (If you don’t have Trail setup in CloudTrail, do first. To get help refer this document), CreateLogGroup in Specific operation(s)β†’ Targets β†’ select Lambda function β†’ select previously created lambda function β†’ click on Configure details .

    2. Give Name, Description, State should be enabled β†’ click on Create rule .

      (taken from https://medium.com/tensult/manage-aws-cloudwatch-log-group-retention-using-automation-26add478b0c5 article.)

I've not found any information how I can describe this Event Source / Event Type (AWS API Call via CloudTrail) for lambda function (step 2) in AWS SAM template.yaml file

** I've already asked this question on StackOverflow, but nobody answers.

typfeature
Source
picture MaxVynohradov

All 3 comments

Hi @MaxVinogradov, we don't currently support CloudTrail+Lambda natively in SAM. You can create CloudTrail resources using CloudFormation https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html. There are likely additional Resources you'll need to specify to link CloudTrail with Lambda.

I've tagged this as a feature request to add native support in SAM to make this much simpler (similar to our existing CloudWatchLogs support https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#cloudwatchlogs)

brettstack picture brettstack on 17 Aug 2018
👍1

Got it, thanks! I think it will be a great feature, that can make our life simpler.

MaxVynohradov picture MaxVynohradov on 18 Aug 2018
👍1

I've been able to get this type of event (AWS API Call via CloudTrail) to work as in this example:

       Events:
        CloudTrailScalerTrigger:
          Properties:
            Pattern:
              detail:
                eventName:
                - CreateService
                - UpdateService
                eventSource:
                - ecs.amazonaws.com
                requestParameters:
                  cluster:
                  - Ref: EcsCluster
              detail-type:
              - AWS API Call via CloudTrail
              source:
              - aws.ecs
          Type: CloudWatchEvent

Maybe this is a hack, I'm not sure. But it seems to work just fine.

jniedrauer picture jniedrauer on 4 Sep 2018
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jfuss picture jfuss  Β·  3Comments
vinkris picture vinkris  Β·  3Comments
sanjP10 picture sanjP10  Β·  3Comments
willdady picture willdady  Β·  3Comments
rhboyd picture rhboyd  Β·  3Comments